class UsersController < ApplicationController
  before_filter :login_required

  def index
    @users = User.active.all
  end
  
  def show
    @user = User.active.find(params[:id])
  end
  
  def new
    @user = User.new
  end
  
  def create
    @user = User.new(params[:user])

    unless @user.manually_set_password?
      password = "password" # make temporary random password
      @user.password = @user.password_confirmation = password
      # TODO: send user temporary password
      # TODO: set settings to force a password reset on next login
    end

    if @user.save
      # TODO: make a delayed job to send user an email
      # with either a password, and instructions saying that the
      # password will need to be set on the next login OR
      # a you have been created message
      flash[:notice] = "User created successfully"
      redirect_to @user
    else
      render :new
    end
  end
end
